Vulnerability assessments serve as the frontline defense against cybersecurity threats, yet many professionals struggle to understand the terminology and methodologies that make them effective. In this comprehensive episode, we demystify the critical components of vulnerability management that every security practitioner should master – whether you're preparing for the CISSP exam or strengthening your organization's security posture.

We begin by examining recent ransomware attacks targeting municipal governments across the United States, highlighting how 28 county and tribal governments have already fallen victim in 2024 alone. These incidents underscore why vulnerability management isn't just theoretical knowledge but an urgent practical necessity for protecting critical infrastructure and services.

Diving into the technical foundations, we explore how the Common Vulnerabilities and Exposures (CVE) system works, from discovery to disclosure, and how the Common Vulnerability Scoring System (CVSS) helps prioritize remediation efforts through its base, temporal, and environmental metrics. You'll gain clarity on related frameworks including CPE, CCE, and OVAL, understanding how these pieces fit together to create a comprehensive vulnerability management approach.

The episode also provides a practical breakdown of network scanning techniques essential for vulnerability discovery, including SYN scans, TCP connect scans, ACK scans, UDP scans, and Christmas tree scans. We explain the intricacies of the TCP handshake process and how different scanning methods leverage various aspects of this protocol to identify potential vulnerabilities while avoiding detection.

We also examine how AI-assisted code generation is transforming development practices, with 70% of professional developers expected to use these tools by 2027. While this technology promises significant productivity gains, it creates new security challenges that vulnerability assessment processes must address.

Whether you're studying for the CISSP exam or looking to strengthen your organization's security practices, this episode equips you with the knowledge to implement effective vulnerability management. Visit CISSP Cyber Training for additional resources to support your cybersecurity journey.

Gain exclusive access to 360 FREE CISSP Practice Questions delivered directly to your inbox! Sign up at FreeCISSPQuestions.com and receive 30 expertly crafted practice questions every 15 days for the next 6 months, completely free! Don't miss this valuable opportunity to strengthen your CISSP exam preparation and boost your chances of certification success. Join now and start your journey toward CISSP mastery today!
In this episode of 'Cybersecurity Today,' host Jim Love discusses various pressing topics in the realm of cybersecurity. Highlights include Anthropic's prediction on AI-powered virtual employees and their potential security risks, Microsoft's introduction of AI security agents to mitigate workforce gaps and analyst burnout, and a pivotal court ruling allowing a data privacy class action against Shopify to proceed in California. Additionally, the show covers the last-minute extension of funding for the Common Vulnerabilities and Exposures (CVE) program by the US Cybersecurity and Infrastructure Security Agency, averting a potential crisis in cybersecurity coordination. These discussions underscore the evolving challenges and solutions within the cybersecurity landscape.

00:00 Introduction and Overview
00:26 AI Employees: Opportunities and Risks
01:48 Microsoft's AI Security Agents
03:58 Shopify's Legal Battle Over Data Privacy
05:12 CVE Program's Funding Crisis Averted
07:24 Conclusion and Contact Information
In this episode of CISO Tradecraft, host G Mark Hardy delves into the crucial topic of Common Vulnerabilities and Exposures (CVE) and the Common Vulnerability Scoring System (CVSS). Learn about the history, structure, and significance of the CVE database, the recent funding crisis, and what it means for the future of cybersecurity. We also explore the intricacies of CVE scoring and how it aids in prioritizing vulnerabilities. Tune in to understand how, as a CISO, you can better prepare your organization against cyber threats and manage vulnerabilities efficiently.

Transcripts: https://docs.google.com/document/d/13VzyzG5uUVLGVhPA5Ws0UFbHPnfHbsII

Chapters
00:00 Introduction to CVE and CVSS
01:13 History of Vulnerability Tracking
03:07 The CVE System Explained
06:47 Understanding CVSS Scoring
13:11 Recent Funding Crisis and Its Impact
15:53 Future of the CVE Program
18:27 Conclusion and Final Thoughts
In this episode, Geoff and Skyler talk with TrustedSec Security Consultants Whitney Phillips and Justin Bollinger about their recent presentations and experiences at CactusCon in Mesa, Arizona. Justin delves deep into the complexities surrounding the Common Vulnerabilities and Exposures (CVE) identification process and bug bounty programs, highlighting key challenges security researchers face. Whitney shares her expertise on crafting and delivering impactful conference presentations, offering valuable insights into preparation, audience engagement techniques, and managing presentation anxiety. Both consultants provide their unique perspectives on the conference highlights, including notable keynotes, networking opportunities, and emerging security trends discussed at this prominent Southwest cybersecurity event. About this podcast: Security Noise, a TrustedSec Podcast hosted by Geoff Walton and Producer/Contributor Skyler Tuter, features our cybersecurity experts in conversation about the infosec topics that interest them the most. Hack the planet! Find more cybersecurity resources on our website at https://trustedsec.com/resources.
A public list sponsored by the US government and designed to uniquely identify, without the need to manually cross-reference, all the known software vulnerabilities in the world.
Forecast = Expect severe disruptions in transit security, with a chance of clearer skies as the White House pushes for smoother collaboration with cybersecurity researchers.

Transport for London's Cybersecurity Crisis
Transport for London (TfL) has found itself in a cybersecurity “trainwreck,” facing a range of vulnerabilities and management issues that have exposed its infrastructure to significant risk. An investigation reveals a series of failures, from outdated systems to neglected security protocols, painting a chaotic picture of public infrastructure's readiness against cyber threats. With passengers' data and critical operations potentially at stake, this story highlights the growing urgency for improved cybersecurity measures in public sector systems.

White House Endorsement of Cybersecurity Researcher Collaboration
In a significant policy shift, the White House has endorsed a more collaborative approach with cybersecurity researchers, aiming to bolster national defenses against growing cyber threats. This endorsement includes support for responsible disclosure practices and partnerships that could help expedite vulnerability identification and mitigation across industries. By actively promoting collaboration, the administration signals a move toward a more unified and proactive stance on national cybersecurity, recognizing the essential role of researchers in safeguarding critical infrastructure and public safety.

CVE's 25th Anniversary Report
Celebrating 25 years, the Common Vulnerabilities and Exposures (CVE) program reflects on its progress in tracking and cataloging cybersecurity threats, becoming a cornerstone in the fight against vulnerabilities. The anniversary report not only emphasizes milestones in vulnerability identification and mitigation but also considers how the program must evolve to meet emerging challenges as cyber threats grow more sophisticated. With an eye on improving its database and keeping pace with the expanding threat landscape, CVE aims to continue being an essential resource for the cybersecurity community.

CVE-2024-47575 Vulnerability as Flagged by Censys
Censys has flagged CVE-2024-47575 as a serious vulnerability affecting systems reliant on outdated cryptographic protocols, specifically impacting certain SSL/TLS implementations. This vulnerability poses a risk to data integrity and confidentiality, enabling potential attackers to intercept or alter sensitive information in transit. The case of CVE-2024-47575 underscores the need for organizations to update and secure their cryptographic practices to avoid exposure to similar vulnerabilities.
Video Episode: https://youtu.be/lEaBTx6FvCI

In today's episode, we dive into the alarming rise of Linux malware “perfctl,” which has stealthily targeted millions of servers for cryptomining over the past three years. We discuss the critical CVE-2024-29824 vulnerability in Ivanti Endpoint Manager, exploited for unauthorized SQL injection, and the ongoing threats posed by the North Korean APT group Stonefly, known for their intricate cybercrime tactics. Additionally, we explore the disturbing trend of cybercriminals leveraging compromised cloud credentials to operate sexualized AI chat bots, highlighting the urgent need for improved security practices.

Sources:
1. https://www.bleepingcomputer.com/news/security/linux-malware-perfctl-behind-years-long-cryptomining-campaign/
2. https://www.helpnetsecurity.com/2024/10/03/cve-2024-29824/
3. https://www.helpnetsecurity.com/2024/10/03/private-us-companies-targeted-by-stonefly-apt/
4. https://krebsonsecurity.com/2024/10/a-single-cloud-compromise-can-feed-an-army-of-ai-sex-bots/

Timestamps
00:00 – Introduction
01:06 – AI powered s3x bots
03:13 – Ivanti SQL Injection
04:08 – Perfectl Linux Malware
05:33 – APT45 StoneFly Attacks US companies

1. What are today's top cybersecurity news stories?
2. What is the Linux malware “perfctl” and how does it work?
3. How is the Ivanti Endpoint Manager flaw (CVE-2024-29824) being exploited?
4. What activities are linked to the Stonefly APT group targeting US companies?
5. How are stolen cloud credentials being used for AI-powered sex chat services?
6. What vulnerabilities does CVE-2024-29824 address and why is it critical?
7. What measures can organizations take to detect the “perfctl” malware?
8. What are the implications of the Stonefly APT's recent attacks on private companies?
9. How did researchers demonstrate the abuse of AWS Bedrock for illegal activities?
10. What security best practices can prevent cloud credential theft and misuse?
perfctl, Linux, Monero, vulnerabilities, Ivanti, SQL injection, cybersecurity, remediation, Stonefly, cyberattacks, Preft, malware, cloud credentials, AI-powered, child sexual exploitation, cybercriminals

# Intro

In a shocking revelation, a stealthy Linux malware named “perfctl” has been exploiting server vulnerabilities for over three years, using advanced evasion techniques to secretly mine Monero cryptocurrency on countless systems worldwide. This elusive threat not only disrupts normal operations by maxing out CPU usage but also deftly vanishes when users log in, making detection extremely difficult for many administrators.

**Question:** How do adversaries exploit vulnerabilities to gain initial access to systems with the perfctl malware?

Hackers are actively exploiting a critical SQL injection flaw in Ivanti Endpoint Manager, prompting US federal agencies to rush to remediate the threat by October 23, 2024. Despite Ivanti's urgent patches, details of the attacks remain sparse, spotlighting the pressing need for effective cybersecurity measures.

**Question:** Why does this particular vulnerability pose such a significant risk compared to others?

North Korean APT group Stonefly, undeterred by legal indictments, is intensifying its financially motivated cyberattacks on US companies, leveraging a unique arsenal of malware and tools. Despite failed ransomware attempts, their distinctive Preft backdoor confirms their tenacity in pursuing targets with no direct intelligence value.

**Question:** Why has Stonefly shifted its focus from espionage to financially driven cybercrime in recent years?

A staggering rise in stolen cloud credentials is fueling an underground market of AI-powered sex chat services, with cybercriminals bypassing content filters for disturbing role-plays involving child sexual exploitation. As security researchers lay bare the chilling implications of compromised AI infrastructure, the industry scrambles for solutions to thwart this escalating threat.

**Question:** How are cybercriminals leveraging stolen cloud credentials to evade content restrictions on AI, and what are the financial and ethical implications for the victims?

# Stories

In this episode, we discuss a recent discovery by Aqua Nautilus researchers of the Linux malware “perfctl,” which has been running a covert cryptomining campaign for over three years. This malware has targeted potentially millions of Linux servers, using advanced evasion techniques and rootkits to remain largely undetected. Perfctl primarily uses compromised servers to mine the Monero cryptocurrency, exploiting misconfigurations and vulnerabilities, such as CVE-2023-33246 in Apache RocketMQ and CVE-2021-4034 in Polkit, for initial access. It operates stealthily, disguising processes and using TOR for encrypted communications. The malware also deploys proxy-jacking software for additional revenue streams. System administrators often notice infections due to 100% CPU usage, though perfctl halts its activities as soon as the user logs in. Due to its evasive and persistent nature, typical removal methods are ineffective, with a full system wipe and reinstall recommended to ensure complete removal. Aqua Nautilus suggests monitoring system directories, CPU usage, and network traffic, alongside patching known vulnerabilities, to detect and prevent perfctl infections.

Here's a list of ten important terms and nouns from the article, each followed by a brief definition related to cybersecurity:

1. **Linux**: An open-source operating system known for its robust security features and wide use in servers and workstations. In cybersecurity, it's crucial because many servers run on Linux, making them targets for attacks like the malware discussed here.
2. **Malware**: Malicious software designed to infiltrate, damage, or disable computers and networks. It is important because it can be weaponized for financial gain, as in cryptomining without consent.
3. **Cryptomining**: The process of validating cryptocurrency transactions and adding them to the blockchain ledger; in this context, the unauthorized use of others' computer resources to generate cryptocurrency like Monero.
4. **Rootkit**: A set of software tools that enable unauthorized users to gain control of a system without being detected. Rootkits are important in malware because they allow it to remain hidden and maintain persistent access.
5. **CVE (Common Vulnerabilities and Exposures)**: A list of publicly disclosed cybersecurity vulnerabilities. CVEs are critical for understanding and mitigating known vulnerabilities that attackers might exploit, as seen with CVE-2023-33246 and CVE-2021-4034.
6. **Monero**: A cryptocurrency known for its privacy features, making transactions challenging to trace. Important in cyber threats like cryptomining, as attackers use infected systems to mine Monero for profit.
7. **TOR**: Short for The Onion Router, a decentralized network that anonymizes internet traffic through encryption and relay techniques. It is crucial for maintaining anonymity in cyber operations, as noted in the malware's communication method.
8. **Userland rootkits**: Rootkits that operate in user space and manipulate user-level applications to evade detection, demonstrating advanced techniques for obscuring malicious activities and maintaining control.
9. **Apache RocketMQ**: An open-source messaging server often used in enterprise environments. Its mention highlights how vulnerabilities in widely used software, such as CVE-2023-33246, can be critical entry points for attacks.
10. **Indicators of Compromise (IoC)**: Forensic evidence of potential intrusion or malware activity within a network or system. Recognizing IoCs is essential for detecting and responding to security breaches like those associated with perfctl.
This list encompasses important cybersecurity concepts relevant to understanding and contextualizing the threats, detection, and protection mechanisms discussed in the article.

—

On today's podcast, we're discussing a critical security flaw in Ivanti Endpoint Manager, known as CVE-2024-29824. This unauthenticated SQL Injection vulnerability is actively being exploited, prompting the Cybersecurity and Infrastructure Security Agency to add it to their Known Exploited Vulnerabilities catalog. Ivanti has acknowledged that a limited number of their customers have been impacted. This flaw, part of a group of ten similar vulnerabilities, affects versions prior to Ivanti EPM 2022 SU5 and could allow attackers to execute code within the service account. Researchers have published detailed technical information and proof-of-concept exploits for this vulnerability. To address the issue, Ivanti released a patch involving the replacement of critical DLL files and a server restart. US federal agencies are mandated to remediate this vulnerability by October 23, 2024. Ivanti has urged all users to ensure their systems are up to date with the latest patch. Stay informed and make sure your systems are protected.

Here's a list of the top 10 most important nouns and technical terms from the article, along with their definitions and relevance to cybersecurity:

1. **CVE-2024-29824**
   *Definition:* A Common Vulnerabilities and Exposures (CVE) identifier assigned to an unauthenticated SQL Injection vulnerability found in Ivanti Endpoint Manager (EPM) appliances.
   *Importance:* This vulnerability is critical because it allows attackers to execute arbitrary code, potentially leading to unauthorized access or data manipulation in affected systems.
2. **Ivanti Endpoint Manager (EPM)**
   *Definition:* A management tool used to automate and control IT systems, providing capabilities such as hardware and software management, asset discovery, and endpoint security.
   *Importance:* EPM's widespread deployment in various organizations makes security flaws within it particularly concerning, as they can affect numerous systems.
3. **SQL Injection**
   *Definition:* A type of security vulnerability that allows an attacker to interfere with the queries an application makes to its database by injecting malicious SQL code.
   *Importance:* SQL injection vulnerabilities can lead to data breaches, unauthorized data access, and full system compromise, making them a high priority in security.
4. **Cybersecurity and Infrastructure Security Agency (CISA)**
   *Definition:* A U.S. federal agency responsible for enhancing the security, resilience, and reliability of the nation's cybersecurity infrastructure.
   *Importance:* CISA's involvement indicates the severity of a vulnerability, guiding organizations on critical security measures to implement.
5. **Security Advisory**
   *Definition:* An official notification providing details about a vulnerability, including its impact, affected systems, and measures for remediation.
   *Importance:* Security advisories are crucial for informing organizations and the public about vulnerabilities and recommended actions to mitigate security risks.
6. **Zero Day Initiative (ZDI)**
   *Definition:* A program that focuses on finding and reporting zero-day vulnerabilities to affected vendors for remediation before they can be exploited by attackers.
   *Importance:* ZDI's work helps in identifying and patching vulnerabilities before they are widely exploited, enhancing overall cybersecurity posture.
7. **Proof of Concept (PoC)**
   *Definition:* A demonstration that shows how a vulnerability can be exploited to achieve harmful results, often used to prove the existence and impact of a security flaw.
   *Importance:* PoCs help in understanding the practical implications of vulnerabilities and in developing appropriate fixes or mitigation strategies.
8. **KEV Catalog**
   *Definition:* The Known Exploited Vulnerabilities (KEV) catalog is a list maintained by CISA of vulnerabilities that have been actively exploited in the wild.
   *Importance:* Inclusion in the KEV catalog underscores the critical nature of a vulnerability, signaling to organizations the urgency of applying patches.
9. **DLL Files**
   *Definition:* Dynamic-link library (DLL) files are collections of small programs used by larger programs to perform specific tasks, often shared among different applications.
   *Importance:* Replacing vulnerable DLL files is a method of patching software to fix security vulnerabilities like those described in the article.
10. **IISRESET**
   *Definition:* A command-line utility used to restart Internet Information Services (IIS), the web server software used by Windows servers.
   *Importance:* Restarting services using IISRESET ensures that any patched or updated files are loaded into memory, completing the remediation process for vulnerabilities.

—

In this episode, we delve into Stonefly APT, a North Korean cyber-threat group, also known as APT45. Despite previous indictments, Stonefly continues to target US companies. Linked to North Korea's military intelligence, the group uses a mix of modified and custom malware for espionage and financially motivated attacks, having been active since 2009. Recent attacks in August 2024 against US companies, using tools like Preft and Nukebot, highlight their ongoing efforts, likely for financial gain. Experts suggest these actions may fund other state priorities, underscoring the persistent cyber threat posed by Stonefly.

1. **Stonefly (APT45):** A North Korean Advanced Persistent Threat (APT) group also known as Andariel and OnyxFleet, linked to military intelligence. It is significant due to its involvement in cyber espionage and financially motivated cybercrime targeting US companies.
2. **Reconnaissance General Bureau (RGB):** North Korean military intelligence agency associated with directing cyber operations. Important for understanding the state-backed nature of certain threat groups like Stonefly.
3. **APT (Advanced Persistent Threat):** A prolonged and targeted cyberattack in which an unauthorized user gains access to a network and remains undetected for an extended period. Key in cybersecurity since it highlights the sophisticated nature of cyber threats.
4. **3PROXY:** A publicly available proxy server software used for network connections. Important as a tool often abused in cyberattacks for masking and redirecting traffic.
5. **Malware:** Malicious software designed to disrupt, damage, or gain unauthorized access to computer systems. Critical in cybersecurity as it encompasses various attack methods utilized by threat actors.
6. **Preft (backdoor):** A custom persistent backdoor linked specifically to Stonefly, allowing unauthorized access to a computer system. Its recognition aids in the identification and attribution of attacks to specific groups.
7. **Ransomware:** A type of malware that encrypts the victim's files and demands a ransom for the decryption key. Vital due to its financial impact and prevalence in cybercrime.
8. **Keyloggers:** Software or devices designed to record keystrokes on a computer, often covertly. Their detection is crucial as they are commonly used for information theft.
9. **Mimikatz:** A publicly available security tool often misused to extract password data from Windows systems. Its relevance in cybersecurity lies in its frequent misuse for credential theft.
10. **Indicators of Compromise (IoCs):** Artifacts or forensic data that indicate potential intrusion or malicious activity in a network. Essential for threat detection and response in cybersecurity.
—

In a recent report, cybersecurity experts from Permiso Security have uncovered a troubling trend in which cybercriminals exploit stolen cloud credentials to operate AI-powered sex bots. These bots, which bypass content filters through custom jailbreaks, often delve into dangerous and illegal role-playing scenarios involving child sexual exploitation and rape. The attacks primarily target large language models (LLMs) hosted on platforms like Amazon's Bedrock. Permiso's investigation revealed that attackers quickly commandeer exposed credentials to fuel AI chat services, racking up unauthorized usage costs for cloud account owners. Platforms like “Chub[.]ai” are suspected of leveraging this method to offer chats with AI characters engaging in controversial and explicit scenarios. Chub claims to bypass content restrictions for a small monthly fee, fueling a broader uncensored AI economy. AWS has responded by tightening security measures, but concerns persist around the potential misuse of AI technologies. The situation highlights the necessity for organizations to protect access keys and to consider enabling logging features to detect unusual activities, despite the additional costs involved. Anthropic, a provider of LLMs to Bedrock, continues to enhance safeguards against such abuses.

1. **Cloud Credentials**
   **Definition:** Authentication information required to access cloud computing services.
   **Importance:** Stolen cloud credentials give cybercriminals unauthorized access to a victim's cloud resources, which can be exploited for malicious activities such as operating unauthorized services or reselling access clandestinely.
2. **Generative Artificial Intelligence (AI)**
   **Definition:** AI systems capable of generating text, images, or other media in response to prompts by leveraging large datasets and complex algorithms.
   **Importance:** These systems can be misused to create harmful or illegal content, as evidenced by their exploitation in unauthorized sex chat services, highlighting the need for robust ethical and security safeguards.
3. **Large Language Models (LLMs)**
   **Definition:** Advanced AI systems that process and generate human-like text by analyzing vast amounts of language data.
   **Importance:** LLMs can be manipulated by bad actors to bypass restrictions and produce inappropriate or illegal content, underscoring the risks of inadequate security measures.
4. **Jailbreak (in AI context)**
   **Definition:** Techniques used to bypass or disable restrictions set within AI systems, allowing them to produce content or perform actions usually forbidden.
   **Importance:** Jailbreaking enables cybercriminals to exploit AI platforms for illicit purposes, making the development of resilient models a key priority for AI security.
5. **Amazon Web Services (AWS) Bedrock**
   **Definition:** A cloud-based platform by AWS that provides foundational tools and services for building and deploying generative AI models.
   **Importance:** Its compromise can lead to significant unauthorized usage and financial liabilities for the account holder, as demonstrated by the unauthorized use in illicit AI chat services.
6. **Prompt Logging**
   **Definition:** The process of recording and monitoring the prompts given to AI models and the responses they generate.
   **Importance:** Enables transparency and security oversight, allowing organizations to detect and mitigate misuse of AI resources effectively.
7. **Chub AI**
   **Definition:** A platform offering AI chat bot characters, including those with explicit and controversial themes.
   **Importance:** Exemplifies the challenge of regulating AI-powered services to prevent the exploitation and dissemination of harmful content.
8. **NSFL (Not Safe for Life)**
   **Definition:** A categorization used to describe content that is extraordinarily disturbing or offensive.
   **Importance:** Highlights the potential for AI-driven services to generate deeply objectionable material, raising ethical and legal concerns.
9. **GuardDuty**
   **Definition:** An AWS security service that provides monitoring and threat detection for identifying malicious activity and unauthorized behavior.
   **Importance:** Essential for maintaining cloud security posture and preemptively identifying potential threats, particularly in preventing unwanted exploitation of cloud resources.
10. **Anthropic**
   **Definition:** An AI safety and research organization focused on developing models with built-in ethical constraints.
   **Importance:** Plays a critical role in enhancing AI safety to prevent misuse, working towards models resistant to manipulation and fostering industry-wide best practices for secure AI deployment.

—
In this season of Hacker Valley Red, we focus on cybersecurity legends in offensive operations with a legend in physical pen testing and lockpicking: Deviant Ollam. As a pioneer in our industry and an author of two incredible books about lockpicking, Deviant shares his history from hobbyist to professional and all that he's learned along the way. He also discusses making the secrets of the hacking world accessible to all. Timecoded Guide: [01:28] Defining the pioneers in cybersecurity [08:47] Deviant's first explorations in lockpicking [16:03] Accessing and democratizing hacking secrets [18:58] Becoming an author to transfer his knowledge [23:12] Seeing the past, present, and future of hacking Sponsor Links: Thank you to our sponsors Axonius and PlexTrac for bringing this season of HVR to life! Life is complex. But it's not about avoiding challenges or fearing failure. Just ask Simone Biles — the greatest gymnast of all time. Want to learn more about how Simone controls complexity? Watch her video at axonius.com/simone PlexTrac, the Proactive Cybersecurity Management Platform, brings red and blue teams together for better collaboration and communication. Check them out at plextrac.com/hackervalley _________ What does it mean to be a pioneer in cybersecurity? As our season focuses on legends, it's important that we explain what makes these individuals such a vital part of our community. In the case of this episode, we explain that our guest Deviant is nothing short of a pioneer. Deviant has been willing to take on new challenges and revolutionize the industry throughout his career, influencing hundreds of individuals and leaving a lasting educational impact on the entire industry. “That ‘zero to one' part can be the hardest part of any progression in any field, but especially in cybersecurity.” — Chris When you reflect on changing this whole industry, how does that make you feel? 
Despite our guest's legendary reputation, Deviant is humble about his achievements, caring more about how his work has impacted others than himself. What he focuses most on in his teaching, presentations, and writing is making lockpicking and penetration testing accessible and understandable. Instead of harboring secrets and perpetuating exclusionary policies, Deviant wants anyone to be able to master these skills and understand this knowledge. “I'm not the first one who ever did this. What I like to think of my contributions is that they have chiefly been making it accessible and democratizing this knowledge.” — Deviant Do you think it's harder today to stand out than it was a couple of decades ago? For Deviant, our globalized internet and algorithm-focus social media sites are both a blessing and a curse. While knowledge can be found on every corner of the web and anyone can become familiar with the information that was once borderline inaccessible, Deviant also recognizes that younger hackers and lockpickers will have a very different rise to success than he did years ago, especially due to fragmented audiences and tricky algorithms. “We have more avenues to put yourself on display, to put yourself out there than ever before, but that means the audience is fragmented and is spread so thin.” — Deviant What piece of advice would you have for the folks that want to make an impact in security and technology and in our community today? Although success will look different for newer members of our cybersecurity community, Deviant is confident that the younger innovative minds of the future will be able to solve so many of the long-standing problems within our industry. However, he reminds our younger audience that they need to still respect the tenured members of the cybersecurity world and learn from them without oversimplifying the issues past professionals have faced. 
“Start thinking about it in a way that doesn't use ‘just,' because every old head in the industry has heard that….We couldn't ‘just' do it, or we would've ‘just' done it.” - Deviant

Hacking the Vocabulary:
Physical pen-testing — A simulated real-world threat scenario in which a tester playing a malicious actor attempts to defeat a business's physical barriers to gain access to infrastructure, buildings, systems, and employees.
CVE — Common Vulnerabilities and Exposures (CVE) is a public catalog of publicly disclosed information security vulnerabilities, each assigned a unique CVE identifier so that advisories and tools can refer to the same issue by the same name.
Lockpick Village — A physical security demonstration and participation area where participants can learn about the vulnerabilities of various locking devices and the techniques used to exploit them, and practice on locks of various levels of difficulty.

Additional resources to check out: Robert Morris, the Morris worm, TOOOL, the CORE group, Practical Lock Picking: A Physical Penetration Tester's Training Guide by Deviant Ollam, Keys to the Kingdom by Deviant Ollam, DEF CON

________

Spend some time with our guest, Deviant Ollam, on his website, Twitter, Instagram, and YouTube channel. Keep up with Hacker Valley on our website, LinkedIn, Instagram, and Twitter. Follow Ron Eddings on Twitter and LinkedIn. Catch up with Chris Cochran on Twitter and LinkedIn. Purchase a HVS t-shirt at our shop. Continue the conversation by joining our Discord.
A public list, sponsored by the US government and maintained by MITRE, designed to give every publicly disclosed software vulnerability a single unique identifier, so that advisories, scanners and databases can refer to the same issue without manual cross-referencing.
In this in-depth Security Awareness Training, host Jeremy Cherny explores how a security incident can occur, as well as how people can best protect their data to remain secure.

What is a Security Incident?
A Security Incident is any breach of your CIA. CIA is an acronym for three areas. The first is the Confidentiality of your internal and/or external data or systems: a breach occurs when someone who shouldn't have access to your data gets it. The “I” stands for the Integrity of your data and systems, meaning they are safe from corruption and unauthorized changes. Lastly, the “A” refers to the Availability of your systems and data, so they are working and ready when you need them. So when you think of security breaches, think of the Confidentiality, Integrity, and Availability of your data and systems. Remember that security is only as good as its weakest link, so make sure you have all your blind spots covered!

Common Vulnerabilities and Exposures (CVE)
CVE is a dictionary of publicly disclosed cybersecurity vulnerabilities and exposures. Every time a new security hole is discovered in a device or piece of software, it is assigned a CVE identifier of the form CVE-YYYY-NNNN (the year part reflects when the ID was reserved or the issue was published, not when the bug was introduced). Over time, vulnerabilities have been discovered at a much higher rate, which is one of the reasons cybersecurity is so crucial today. In 1999 there were only 1,000 or so CVE entries, versus 2018 alone, in which more than 16,000 CVEs were published. Another point to be made about CVEs is that these are only the ones we know about; there could be thousands of other vulnerabilities out there that have yet to be discovered.

Face The Facts
It's almost certain that you will face multiple security incidents over time, and although any one of them may not be a big issue, it is still important to take the necessary steps to reduce the number and severity of security incidents.
It is also important to note that even though steps can be taken to reduce the number of incidents, you can't eliminate them all, because over time nothing is 100% effective. Although security incidents are becoming more complex every day, education, planning, and preparation are the only actions you can take to significantly reduce the number and scope of these incidents, as well as to recover from any security incident you may face. Lastly, we advocate that you trust no one and always verify your security with a third party to ensure that you are staying safe.

Top Reasons You Will Have A Security Incident
Using Vulnerable Technology - Running old technology that has not received security patches, or new technology to which patches have not yet been applied, leaves you exposed.
Failure To Follow Best-Practices For Installation & Configuration - For example, many home routers ship with a default password, and a lot of people never change it; the best practice is to change it to protect yourself.
Lack of Written Policies - Written policies help you have a plan in place to protect yourself from security incidents.
Lack of Education For Everyone In Your Organization - When people don't know what they should be looking out for, they're far more likely to stumble into something dangerous.
Failure To Plan & Prepare - Planning and preparing is crucial to avoiding security incidents, as well as to recovering when one does occur.
Failure To Monitor, Audit, and Maintain Policies and Systems - Consistently ensuring that all your systems are functioning properly, and that your policies are still being followed, will decrease vulnerabilities.
Security is Inconvenient - Many people avoid security because it means an extra password or takes more time, so they bypass it, leading to a higher chance of a security incident.
People Are Human - This is the biggest reason behind security breaches: everyone, at some point, will accidentally click something they shouldn't.
What is Security Awareness Training? Security Awareness Training is training and awareness for your computer users, training as part of onboarding new employees, newsletters and alerts about new security threats and scams, testing and reporting, targeted education for critical roles and repeat offenders, and lastly, ongoing education that never stops.
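The two CVE passages above (the standalone definition and the Security Awareness Training notes) both rest on one property: every publicly disclosed vulnerability gets exactly one identifier, so advisories, scanner output and tickets can name the same issue without manual cross-referencing. That only works if the identifiers are read consistently, so the following is an added example, not code from any of the shows, speakers or projects described on this page: a small Python routine that pulls CVE IDs out of free text, checks them against the published ID syntax (the literal prefix CVE, a four-digit year, and a sequence number of at least four digits, zero-padded only to reach four digits), normalises case, de-duplicates, and keeps malformed candidates for review instead of dropping them silently. The sample text is constructed; the 1999 floor and the `max_year` cutoff are assumptions chosen for this example, and the two real IDs in the sample are used only as strings.

```python
"""Extract and validate CVE identifiers from free text.

Added example (not code from any of the podcasts or projects on this page).
Syntax rules follow the published CVE ID format; the 1999 year floor and the
`max_year` cutoff are assumptions for this example.
"""
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Candidate match is deliberately loose (any number of digits in each part)
# so that malformed IDs are captured and reported, not silently skipped.
_CANDIDATE = re.compile(r"\bCVE-(\d+)-(\d+)\b", re.IGNORECASE)


@dataclass(frozen=True)
class CveId:
    year: int
    sequence: int

    def __str__(self) -> str:
        # Canonical form: upper-case prefix, sequence padded to four digits;
        # longer sequence numbers print as-is (e.g. 44228).
        return f"CVE-{self.year}-{self.sequence:04d}"


def parse_cve_id(token: str, max_year: int) -> Optional[CveId]:
    """Return a CveId if `token` is a syntactically valid CVE ID, else None."""
    m = _CANDIDATE.fullmatch(token.strip())
    if m is None:
        return None
    year_str, seq_str = m.group(1), m.group(2)
    if len(year_str) != 4:
        return None  # year is exactly four digits
    if len(seq_str) < 4:
        return None  # sequence number is at least four digits
    if len(seq_str) > 4 and seq_str[0] == "0":
        return None  # zero-padding only ever reaches four digits
    year = int(year_str)
    if year < 1999 or year > max_year:
        return None  # CVE started in 1999 (assumed floor); no future IDs
    return CveId(year, int(seq_str))


def extract_cve_ids(text: str, max_year: int) -> Tuple[List[str], List[str]]:
    """Scan text (advisory, scanner output, ticket) for CVE IDs.

    Returns (valid, rejected): valid IDs in canonical form, de-duplicated and
    sorted by year then sequence; rejected holds the raw tokens that looked
    like CVE IDs but failed the syntax checks, in order of appearance, so a
    reviewer can inspect typos instead of losing them.
    """
    valid = set()
    rejected: List[str] = []
    for m in _CANDIDATE.finditer(text):
        raw = m.group(0)
        parsed = parse_cve_id(raw, max_year)
        if parsed is None:
            rejected.append(raw)
        else:
            valid.add(parsed)
    ordered = sorted(valid, key=lambda c: (c.year, c.sequence))
    return [str(c) for c in ordered], rejected


# Constructed sample input in the style of scanner findings. CVE-2021-44228
# and CVE-2014-0160 are real identifiers used here only as sample strings;
# the hostnames and the malformed IDs are made up for this example.
SAMPLE_TEXT = """\
host web01: log4j-core 2.14.1 affected by cve-2021-44228 (see CVE-2021-44228)
host web02: openssl 1.0.1f affected by CVE-2014-0160
host db01: reference CVE-2018-012345 looks wrong, as does CVE-20-1234
host db02: CVE-2030-0001 is from the future and CVE-2014-123 is too short
"""

if __name__ == "__main__":
    ok, bad = extract_cve_ids(SAMPLE_TEXT, max_year=2025)
    print("valid:   ", ok)
    print("rejected:", bad)
```

Run it as a script to see the split between canonical IDs and rejected tokens. Keeping the rejected list rather than discarding it matters in practice: a scanner report that says "CVE-2018-012345" is almost certainly a typo for a real ID, and silently dropping it would hide a finding.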
Threat modeling is a key to securing businesses, governments and individuals in a hacker-happy world. Its principles can be applied to disaster risk reduction (DRR), climate change adaptation (CCA) & other fields. Listen to Cybersecurity expert Adam Shostack in "Cybersecurity, Threat Modeling & in an Up & Down World" (Multi-Hazards Podcast S02 E19). Check out the Study Guide, click on the top left "PDF": https://multi-hazards.libsyn.com/cybersecurity-threat-modeling-in-an-up-down-world-conversation-with-adam-shostack

Adam Shostack Bio
Adam Shostack is a leading expert on threat modeling, and a consultant, entrepreneur, technologist, author and game designer. He's a member of the Black Hat Review Board and helped create the Common Vulnerabilities and Exposures (CVE) system, among many other things. He currently helps many organisations improve their security via Shostack & Associates, and advises startups, including as a Mach37 Star Mentor. While at Microsoft, he drove the Autorun fix into Windows Update, was the lead designer of the Security Development Lifecycle (SDL) Threat Modeling Tool v3 and created the "Elevation of Privilege" game. Adam is the author of Threat Modeling: Designing for Security, and the co-author of The New School of Information Security. If you'd like help threat modeling, or engineering more secure systems in general, take a look at his consulting pages at https://adam.shostack.org.
Sponsored By: Panelists Richard Littauer | Eric Berry | Justin Dorfman Guest Georg Link (http://www.georglink.de/) Bitergia (https://bitergia.com/) | CHAOSS (https://chaoss.community)

Show Notes
In this episode we talk with Georg Link, an Open Source Strategist. He is Director of Sales for Bitergia and Co-Founder and Governing Board Member of the Linux Foundation CHAOSS Project. He's a native of Germany, but currently resides in Omaha, Nebraska.
04:21 Georg explains how he spent the last five years after joining a PhD program, how he dove into Open Source, and his research focus.
05:25 The topic of metrics for Open Source is discussed.
07:52 The roots of the CHAOSS Project are explained, and how it started at the Open Source Leadership Summit in 2017.
10:36 Red Hat's contribution of Prospector as part of Project CHAOSS is explained, and how it took the approach of taking metrics and providing an interface for analysis.
11:55 Georg is asked about the revelations he had when he first started getting into the data behind Open Source.
15:29 One of the guys wants to know what Georg's expectations are of projects that use the metrics outlined, and what they will do with them.
19:09 Georg talks about the two main reasons why he sees the metrics being implemented.
19:26 Justin brings up how Drupal does a comprehensive state of their community once a year and how they really go into metrics; Richard wants to know what metrics we have, and Georg expands on this topic.
22:26 Georg suggests checking out CHAOSS.community/metrics to see the shared metrics.
25:10 Richard wants to know how people who are not in an OSPO, who have a project, are solo maintainers, or are a team of people working on a project, can use these metrics to make their code better in the long run. Georg gives his recommendations on how to do this.
29:08 Georg explains who metrics are useful to, and one of the guys asks how people can learn different things from metrics without getting involved in the CHAOSS community if they don't have time. Georg gives his advice.
33:38 Georg chats about what was different at the recent CHAOSSCON, what he's focused on, and what he's doing moving ahead. Listen on as he states, “It was the BEST we've had!”

Spotlights
39:11 Justin's spotlight this week is a TechRepublic article called, “Linux Foundation study throws the open source sustainability debate into question,” by Matt Asay.
39:38 Eric's spotlight is a controversial one called Web3 Sustain Event-Blockchain.
40:47 Richard's pick is Jekyll, to build websites really easily and fast using Ruby.
41:15 Georg gives a shout out to the LibreOffice community.

Links
Georg Link, PhD (https://georg.link/)
Georg Link (http://www.georglink.de/)
Georg Link Twitter (https://twitter.com/georglink)
Georg Link Linkedin (https://www.linkedin.com/in/georglink)
Bitergia (https://bitergia.com/)
Red Hat (https://www.redhat.com/en)
OSPO (https://www.redhat.com/en/blog/what-does-open-source-program-office-do)
CHAOSS Participate (https://chaoss.community/participate/)
CHAOSS Metrics (https://chaoss.community/metrics/)
Finos Foundation (https://finosfoundation.atlassian.net/wiki/spaces/FINOS/overview)
Common Vulnerabilities and Exposures (CVE) (http://cve.mitre.org/index.html)
Drupal (https://www.drupal.org/)
Cauldron (https://cauldron.io/)
Tech Republic article by Matt Asay (https://www.techrepublic.com/article/new-study-throws-the-open-source-sustainability-debate-into-question/)
Sustain Web3 event-Blockchain (https://web3.sustainoss.org/)
Jekyll (https://jekyllrb.com/)
LibreOffice (https://www.libreoffice.org/)
Special Guest: Georg Link.
Ah, "cloud wars" are getting interesting (we claim dibs on the movie title!). With Oracle losing their bid with the Pentagon, and Microsoft also reaching out and partnering with Oracle, there is tons of interest in what's going on. But that's not all! The twitters was set aflame by the 10x Developer thread that has been going around (for the record, we think it is mostly nonsense), and we dive into a hilarious take on what 10x developers are supposed to be. We also dive into Gil Tene's OpenJDK Mystery Meat, and the threat of "just taking the latest Docker image". It's a sobering thought that even when you see the version of OpenJDK, it might not be the build you expect, because the OS packaging decides what actually ships, and that package in turn becomes a Docker reference image. All in all a troubling precedent, especially where Common Vulnerabilities and Exposures (CVE) are concerned: the version string alone does not tell you which fixes are in the binary you are running. Lastly, there are predictions that Python is going to overtake Java as the most used language in the TIOBE index. Of course this crowd will not just take that proclamation lying down. So we went into a heated discussion on why and how it is (in our humble opinion) a little rushed to say that Python is going to overtake Java in a mere four years. Tons of punditry, enough beer, and a whole lotta entertainment in this episode, so what'cha waiting for? Start listening now!

We thank DataDogHQ for sponsoring this podcast episode. We also thank OverOps for sponsoring this podcast episode. DO follow us on twitter @offheap

Links:
The Definitive Guide to Spring Batch (by our own Michael Minella!)
New Features from Java 13
Oracle Loses War Cloud
What to Expect from Oracle and Microsoft Cloud Partnership
The 10x Developer?
OpenJDK Mystery Meat
Python overtaking Java in the next 4 years
The Common Vulnerabilities and Exposures (CVE) system is a critical tool for the cybersecurity industry. CVEs provide consistency in naming and clarity on the nature and impact of various vulnerabilities. In this week's Linux Security Podcast, Atomicorp CEO Mike Shinn discusses the origin and management of the CVE process, how it's used by cybersecurity professionals and why it's so important. He also discusses how vulnerability management systems are perpetually hobbled by the limitations of the CVE system.
Simon & Jeff get together to review a raft of updates large and small!

Shownotes:
Amazon Virtual Private Cloud (VPC) now Allows Customers to Tag Their Elastic IP Addresses | https://aws.amazon.com/about-aws/whats-new/2017/12/amazon-virtual-private-cloud-vpc-now-allows-customers-to-tag-their-elastic-ip-addresses/
Amazon WorkSpaces Now Supports Configurable Storage and Switching Between Hardware Bundles | https://aws.amazon.com/about-aws/whats-new/2017/12/amazon-workspaces-now-supports-configurable-storage-and-switching-between-hardware-bundles/
Now available in Amazon SageMaker: DeepAR algorithm for more accurate time series forecasting - AWS Machine Learning Blog | https://aws.amazon.com/blogs/machine-learning/now-available-in-amazon-sagemaker-deepar-algorithm-for-more-accurate-time-series-forecasting/
Amazon SageMaker BlazingText: Parallelizing Word2Vec on Multiple CPUs or GPUs - AWS Machine Learning Blog | https://aws.amazon.com/blogs/machine-learning/amazon-sagemaker-blazingtext-parallelizing-word2vec-on-multiple-cpus-or-gpus/
Amazon Inspector no Longer Requires a Compatible Kernel for Rules Packages like Common Vulnerabilities and Exposures (CVE) | https://aws.amazon.com/about-aws/whats-new/2018/01/amazon-inspector-no-longer-requires-a-compatible-kernel-for-rules-packages-like-common-vulnerabilities-and-exposures-cve/
Amazon Aurora with MySQL Compatibility Speeds Query Processing with Hash Join and Batched Scans | https://aws.amazon.com/about-aws/whats-new/2017/12/amazon-aurora-with-mysql-compatibility-speeds-query-processing-with-hash-join-and-batched-scans/
Amazon Aurora with MySQL Compatibility Natively Supports Synchronous Invocation of AWS Lambda Functions | https://aws.amazon.com/about-aws/whats-new/2017/12/amazon-aurora-with-mysql-compatibility-natively-supports-synchronous-invocation-of-aws-lambda-functions/
Announcing Preview of Amazon Aurora with MySQL 5.7 Compatibility | https://aws.amazon.com/about-aws/whats-new/2017/12/announcing-preview-of-amazon-aurora-with-mysql-5-7-compatibility/
AWS Developer Forums: Amazon S3 Inventory adds a time stamp | https://forums.aws.amazon.com/ann.jspa?annID=5368
AWS Lambda .NET Core 2.0 Support Released - AWS Developer Blog | https://aws.amazon.com/blogs/developer/aws-lambda-net-core-2-0-support-released/
Announcing Go Support for AWS Lambda - AWS Compute Blog | https://aws.amazon.com/blogs/compute/announcing-go-support-for-aws-lambda/
Amazon Kinesis Data Firehose is now Available in Three More Regions | https://aws.amazon.com/about-aws/whats-new/2018/01/amazon-kinesis-data-firehose-is-now-available-in-three-more-regions/
CloudWatch Introduces Tiered Pricing With up to 90% Discount for VPC Flow Logs and Other Vended Logs | https://aws.amazon.com/about-aws/whats-new/2018/01/cloudwatch-introduces-tiered-pricing-with-up-to-90-percent-discount-for-vpc-flow-logs-and-other-vended-logs/
Amazon EC2 Elastic GPUs Now Support OpenGL 4.3 | https://aws.amazon.com/about-aws/whats-new/2018/01/amazon-ec2-elastic-gpus-now-support-opengl-4-3/
New AWS Auto Scaling – Unified Scaling For Your Cloud Applications - AWS News Blog | https://aws.amazon.com/blogs/aws/aws-auto-scaling-unified-scaling-for-your-cloud-applications/
In this episode we chat with Steve Christey Coley, currently Principal Information Security Engineer at MITRE Corp. We talk through our industry's obsession with vulnerabilities, dive headlong into the thorny issue of security research, talk through the various issues with disclosure, and even delve into some ethics issues. This episode is packed with content that you will likely want to talk to us about. So here's how to find us: Steve on Twitter: @SushiDude. Hashtag for the show: #DtSR

Steve's Bio (from LinkedIn - https://www.linkedin.com/in/steve-christey-coley-66aa1826): Editor / Technical Lead for the Common Vulnerabilities and Exposures (CVE) project; Technical Lead for the Common Weakness Enumeration (CWE); co-author of the "Responsible Vulnerability Disclosure Process" IETF draft with Chris Wysopal in 2002; participant in Common Vulnerability Scoring System (CVSS) and NIST's Static Analysis Tool Exposition (SATE). My primary interests include secure software development and testing, understanding the strengths and limitations of automated code analysis tools, the theoretical underpinnings of vulnerabilities, making software security accessible to the general public, vulnerability information management including post-disclosure analysis, and vulnerability research. Specialties: Vulnerability research, vulnerability management, software security.